Job Description: Supports cybersecurity initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
Coordinates resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
Performs network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cybersecurity of communications networks.
Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities.
Correlates actionable security events from various sources including Security Event Information Management (SEIM) system data and develops unique correlation techniques.
Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
Develops analytical products fusing enterprise and all- source intelligence. Be able to conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker-encoding protocols. Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
Candidate will provide CND reports, trends, responses, mitigations, analysis, and information dissemination.
Candidate will provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain.
Candidate will support teams within a performance-based environment with pre-determined Acceptable Levels of Performance (ALP).
Candidate will support the development, documentation and tracking of measurements & metrics relevant to the ALP's.
Candidate interfaces with Government counterparts, both CONUS & OCONUS, along with contract team members.
Candidate is responsible for maintaining the integrity & security of enterprise-wide systems & networks.
Candidate supports security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff.
Prerequisites: / Qualifications:
Must be able to fulfill requirements for an Information Assurance Management (IAM) Level II position, to include at least (5) five years of CND experience. Candidate must have experience supporting CND or related teams. Candidate must have experience working CND duties (e.g., Protect, Defend, Respond, and Sustain). Candidate must have experience working with DoD / Government Leaders at all levels. Candidate must have strong communication skills (both written and verbal).
Candidate should have UNIX Administrative skills. Candidate should have Command Line Scripting skills (i.e. PERL, python, shell scripting) to automate analysis task. Knowledge of hacker tactics, techniques, and procedures (TTP). Be able to conduct malware analysis. Demonstrated hands on experience with various static and dynamic malware analysis tools Knowledge of advanced threat actor tactics, techniques and procedures (TTP) Understanding of software exploits. Ability to analyze packed and obfuscated code. Comprehensive understanding of common Windows APIs and ability to analyze shellcode. Experience with Network Devices and Client/Server configurations as required. Candidate should be familiar with current DoD and Intelligence Community (IC) directive, Instruction, Policies and Guidance documents.
The candidate should have experience in the following areas:
Ability to understand various computer architecture, software applications and operating systems
Solid working knowledge of network security architecture
Understanding of trusted systems and their applications
Ability to apply information systems security engineering, security services and mechanism, threats and vulnerabilities to systems
Good technical problem-solving skills
Communications and teamwork skills
Knowledge of applicable IC/DoD IA policies and NRO policies, directives and standards
Education: Bachelor's in Computer Science (Information Management, Computer Information systems (CIS), or five (5) years' of practical experience in the IS environment w/a minimum of four (4) years direct IA experience. The CISSP CAP, GSLC, CASP, or CISM is required.
Required Clearance: U. S. Citizen; minimum TS//SCI and CI Poly
Job ID 1843308 Date posted 01/11/2019